Re: smtp_tls_policy_maps, secure and expired certificate

2014-07-16 Thread Viktor Dukhovni
On Wed, Jul 16, 2014 at 03:51:41PM +0200, li...@rhsoft.net wrote:
> "secure" means enforce encryption while "may" allows fallback to plain
> anything above requires DANE - the archives are your friend
> without dane there is no real verification possible at all

This is not correct. The levels ar

Re: smtp_tls_policy_maps, secure and expired certificate

2014-07-16 Thread Viktor Dukhovni
On Wed, Jul 16, 2014 at 03:48:12PM +0200, Sven Strickroth wrote:
> I'm using smtp_tls_policy_maps = hash:/etc/postfix/tls_policy with an
> entry like "hs-hannover.de secure match=.fh-hannover.de".
>
> However, I'm able with postfix to deliver mails to that domain
> despite the fact that the certi

Re: smtp_tls_policy_maps, secure and expired certificate

2014-07-16 Thread li...@rhsoft.net
On 16.07.2014 15:48, Sven Strickroth wrote:
> I'm using smtp_tls_policy_maps = hash:/etc/postfix/tls_policy with an entry
> like "hs-hannover.de secure match=.fh-hannover.de".
>
> However, I'm able with postfix to deliver mails to that domain despite the
> fact that the certificate expired (i

smtp_tls_policy_maps, secure and expired certificate

2014-07-16 Thread Sven Strickroth
Hi,

I'm using smtp_tls_policy_maps = hash:/etc/postfix/tls_policy with an entry like "hs-hannover.de secure match=.fh-hannover.de".

However, I'm able with postfix to deliver mails to that domain despite the fact that the certificate expired (in logs I see the following statement:)

Jul 16 15:06: